Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-47554 | 1 Ormazabal | 4 Ekorccp, Ekorccp Firmware, Ekorrci and 1 more | 2024-11-21 | N/A | 8.2 HIGH |
|
Exposure of sensitive information in ekorCCP and ekorRCI, potentially allowing a remote attacker to obtain critical information from various .xml files, including .xml files containing credentials, without being authenticated within the web server.
|
|||||
| CVE-2022-47531 | 1 Ericsson | 1 Evolved Packet Gateway | 2024-11-21 | N/A | 8.8 HIGH |
|
An issue was discovered in Ericsson Evolved Packet Gateway (EPG) versions 3.x before 3.25 and 2.x before 2.16, allows authenticated users to bypass system CLI and execute commands they are authorized to execute directly in the UNIX shell.
|
|||||
| CVE-2022-47508 | 1 Solarwinds | 1 Server And Application Monitor | 2024-11-21 | N/A | 7.5 HIGH |
|
Customers who had configured their polling to occur via Kerberos did not expect NTLM Traffic on their environment, but since we were querying for data via IP address this prevented us from utilizing Kerberos.
|
|||||
| CVE-2022-47213 | 1 Microsoft | 1 365 Apps | 2024-11-21 | N/A | 7.8 HIGH |
|
Microsoft Office Graphics Remote Code Execution Vulnerability
|
|||||
| CVE-2022-47212 | 1 Microsoft | 1 365 Apps | 2024-11-21 | N/A | 7.8 HIGH |
|
Microsoft Office Graphics Remote Code Execution Vulnerability
|
|||||
| CVE-2022-47211 | 1 Microsoft | 1 365 Apps | 2024-11-21 | N/A | 7.8 HIGH |
|
Microsoft Office Graphics Remote Code Execution Vulnerability
|
|||||
| CVE-2022-47192 | 1 Generex | 2 Cs141, Cs141 Firmware | 2024-11-21 | N/A | 8.8 HIGH |
|
Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a backup file containing a modified "users.json" to the web server of the device, allowing him to replace the administrator password.
|
|||||
| CVE-2022-47189 | 1 Generex | 2 Cs141, Cs141 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
Generex UPS CS141 below 2.06 version, allows an attacker toupload a firmware file containing an incorrect configuration, in order to disrupt the normal functionality of the device.
|
|||||
| CVE-2022-47160 | 1 Wpmet | 1 Wp Social Login And Register Social Counter | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wpmet Wp Social Login and Register Social Counter.This issue affects Wp Social Login and Register Social Counter: from n/a through 1.9.0.
|
|||||
| CVE-2022-47085 | 1 Ostree Project | 1 Ostree | 2024-11-21 | N/A | 7.5 HIGH |
|
An issue was discovered in ostree before 2022.7 allows attackers to cause a denial of service or other unspecified impacts via the print_panic function in repo_checkout_filter.rs.
|
|||||
| CVE-2022-46782 | 1 Stormshield | 1 Ssl Vpn Client | 2024-11-21 | N/A | 7.8 HIGH |
|
An issue was discovered in Stormshield SSL VPN Client before 3.2.0. A logged-in user, able to only launch the VPNSSL Client, can use the OpenVPN instance to execute malicious code as administrator on the local machine.
|
|||||
| CVE-2022-46725 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | N/A | 4.3 MEDIUM |
|
A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.4 and iPadOS 16.4. Visiting a malicious website may lead to address bar spoofing.
|
|||||
| CVE-2022-46724 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | N/A | 2.4 LOW |
|
This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 16.4 and iPadOS 16.4. A person with physical access to an iOS device may be able to view the last image used in Magnifier from the lock screen.
|
|||||
| CVE-2022-46722 | 1 Apple | 1 Macos | 2024-11-21 | N/A | 5.5 MEDIUM |
|
A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. An app may be able to modify protected parts of the file system.
|
|||||
| CVE-2022-46715 | 1 Apple | 2 Ipados, Iphone Os | 2024-11-21 | N/A | 5.5 MEDIUM |
|
A logic issue was addressed with improved checks. This issue is fixed in iOS 16.1 and iPadOS 16. An app may be able to bypass certain Privacy preferences
|
|||||
| CVE-2022-46651 | 1 Apache | 1 Airflow | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an unauthorized actor to gain access to sensitive information in Connection edit view. This vulnerability is considered low since it requires someone with access to Connection resources specifically updating the connection to exploit it. Users should upgrade to version 2.6.3 or later which has removed the vulnerability.
|
|||||
| CVE-2022-46646 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2024-11-21 | N/A | 2.2 LOW |
|
Exposure of sensitive information to an unauthorized actor for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access.
|
|||||
| CVE-2022-46413 | 1 Veritas | 2 Access Appliance, Netbackup Flex Scale Appliance | 2024-11-21 | N/A | 8.8 HIGH |
|
An issue was discovered in Veritas NetBackup Flex Scale through 3.0 and Access Appliance through 8.0.100. Authenticated remote command execution can occur via the management portal.
|
|||||
| CVE-2022-46412 | 1 Veritas | 1 Netbackup Flex Scale Appliance | 2024-11-21 | N/A | 8.8 HIGH |
|
An issue was discovered in Veritas NetBackup Flex Scale through 3.0. A non-privileged user may escape a restricted shell and execute privileged commands.
|
|||||
| CVE-2022-46365 | 1 Apache | 1 Streampark | 2024-11-21 | N/A | 9.1 CRITICAL |
|
Apache StreamPark 1.0.0 before 2.0.0 When the user successfully logs in, to modify his profile, the username will be passed to the server-layer as a parameter, but not verified whether the user name is the currently logged user and whether the user is legal, This will allow malicious attackers to send any username to modify and reset the account, Users of the affected versions should upgrade to Apache StreamPark 2.0.0 or later.
|
|||||
| CVE-2022-45937 | 1 Siemens | 18 Pxc00-e96.a, Pxc00-e96.a Firmware, Pxc100-e96.a and 15 more | 2024-11-21 | N/A | 8.8 HIGH |
|
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). A low privilege authenticated attacker with network access to the integrated web server could download sensitive information from the d ...
Show More |
|||||
| CVE-2022-45456 | 4 Acronis, Apple, Linux and 1 more | 4 Agent, Macos, Linux Kernel and 1 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Denial of service due to unauthenticated API endpoint. The following products are affected: Acronis Agent (Windows, macOS, Linux) before build 30161.
|
|||||
| CVE-2022-45354 | 1 Wpchill | 1 Download Monitor | 2024-11-21 | N/A | 5.3 MEDIUM |
|
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPChill Download Monitor.This issue affects Download Monitor: from n/a through 4.7.60.
|
|||||
| CVE-2022-45112 | 1 Intel | 1 Virtual Raid On Cpu | 2024-11-21 | N/A | 7.3 HIGH |
|
Improper access control in some Intel(R) VROC software before version 8.0.0.4035 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2022-45069 | 1 Automattic | 1 Crowdsignal Dashboard | 2024-11-21 | N/A | 6.3 MEDIUM |
|
Auth. (contributor+) Privilege Escalation vulnerability in Crowdsignal Dashboard plugin <= 3.0.9 on WordPress.
|
|||||
| CVE-2022-44713 | 1 Microsoft | 2 Office, Office Long Term Servicing Channel | 2024-11-21 | N/A | 7.5 HIGH |
|
Microsoft Outlook for Mac Spoofing Vulnerability
|
|||||
| CVE-2022-44710 | 1 Microsoft | 1 Windows 11 | 2024-11-21 | N/A | 7.8 HIGH |
|
DirectX Graphics Kernel Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-44707 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Windows Kernel Denial of Service Vulnerability
|
|||||
| CVE-2022-44699 | 1 Microsoft | 1 Azure Network Watcher Agent | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Azure Network Watcher Agent Security Feature Bypass Vulnerability
|
|||||
| CVE-2022-44697 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows Graphics Component Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-44696 | 1 Microsoft | 2 365 Apps, Office | 2024-11-21 | N/A | 7.8 HIGH |
|
Microsoft Office Visio Remote Code Execution Vulnerability
|
|||||
| CVE-2022-44695 | 1 Microsoft | 3 365 Apps, Office, Visio | 2024-11-21 | N/A | 7.8 HIGH |
|
Microsoft Office Visio Remote Code Execution Vulnerability
|
|||||
| CVE-2022-44694 | 1 Microsoft | 2 365 Apps, Office | 2024-11-21 | N/A | 7.8 HIGH |
|
Microsoft Office Visio Remote Code Execution Vulnerability
|
|||||
| CVE-2022-44693 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2024-11-21 | N/A | 8.8 HIGH |
|
Microsoft SharePoint Server Remote Code Execution Vulnerability
|
|||||
| CVE-2022-44692 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | N/A | 7.8 HIGH |
|
Microsoft Office Graphics Remote Code Execution Vulnerability
|
|||||
| CVE-2022-44691 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | N/A | 7.8 HIGH |
|
Microsoft Office OneNote Remote Code Execution Vulnerability
|
|||||
| CVE-2022-44690 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2024-11-21 | N/A | 8.8 HIGH |
|
Microsoft SharePoint Server Remote Code Execution Vulnerability
|
|||||
| CVE-2022-44687 | 1 Microsoft | 3 Raw Image Extension, Windows 10, Windows 11 | 2024-11-21 | N/A | 7.8 HIGH |
|
Raw Image Extension Remote Code Execution Vulnerability
|
|||||
| CVE-2022-44684 | 1 Microsoft | 7 Windows 10 20h2, Windows 10 21h1, Windows 10 21h2 and 4 more | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Windows Local Session Manager (LSM) Denial of Service Vulnerability
|
|||||
| CVE-2022-44682 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 11 22h2 and 5 more | 2024-11-21 | N/A | 6.8 MEDIUM |
|
Windows Hyper-V Denial of Service Vulnerability
|
|||||